Royal Holloway 2012: An analysis of cloud security certifications

Adoption
of cloud services is accelerating as companies take advantage of the more flexible and scalable IT
provisioning model created by the cloud.

But how should an organisation check that a cloud service provider is capable of looking after
its data? The provider may have been audited for SAS 70, ISO 27001, PCI DSS and a range of other
standards, but how valid are those standards for the world of the cloud?

For his MSc thesis at Royal Holloway University of London (RHUL), Robert Farrugia, under the
supervision of lecturer Geraint Price, analysed each of the main auditing standards and examined
their applicability to cloud computing.

While many of the standards were found to provide some useful reassurance, none of them proved
to be adequate in their own right, leaving the authors to conclude that a new cloud certification
model will be needed in the future.

Read the article

In an article now published on SearchSecurity.co.UK, the authors provide a detailed mapping of
the current cloud
security certification standards applicable to the cloud, and illustrate where each standard is
lacking. In the absence of a reliable standard, the authors suggest ways organisations might minimise
risk when moving their data and processes from a traditional in-house IT infrastructure stack
to that of the cloud.

The feature is one of six SearchSecurity.co.UK is publishing this year in collaboration with
RHUL.

Email Alerts

By submitting my Email address I confirm that I have read and accepted the Terms of Use and Declaration of Consent.

By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

Google is the latest of the tech giants hiring Wall Street hotshots. The CIO lesson? Partner with your CFO if you want to get ahead. Also in Searchlight: Facebook turns Messenger into an ecosystem; Twitter faces a gender bias lawsuit.